pelle-oauth 0.3.1 → 0.3.5

data/lib/oauth/tokens/access_token.rb

@@ -0,0 +1,68 @@
+module OAuth
+  # The Access Token is used for the actual "real" web service calls that you perform against the server
+  class AccessToken < ConsumerToken
+    # The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
+    # we need to restructure and touch more methods: request(), sign!(), etc.
+    def request(http_method, path, *arguments)
+      request_uri = URI.parse(path)
+      site_uri = consumer.uri
+      is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
+      consumer.uri(request_uri) if is_service_uri_different
+      @response = super(http_method, path, *arguments)
+      # NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
+      # so reset in case consumer is still used for other token-management tasks subsequently?
+      consumer.uri(site_uri) if is_service_uri_different
+      @response
+    end
+
+    # Make a regular GET request using AccessToken
+    #
+    #   @response = @token.get('/people')
+    #   @response = @token.get('/people', { 'Accept'=>'application/xml' })
+    #
+    def get(path, headers = {})
+      request(:get, path, headers)
+    end
+
+    # Make a regular HEAD request using AccessToken
+    #
+    #   @response = @token.head('/people')
+    #
+    def head(path, headers = {})
+      request(:head, path, headers)
+    end
+
+    # Make a regular POST request using AccessToken
+    #
+    #   @response = @token.post('/people')
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def post(path, body = '', headers = {})
+      request(:post, path, body, headers)
+    end
+
+    # Make a regular PUT request using AccessToken
+    #
+    #   @response = @token.put('/people/123')
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def put(path, body = '', headers = {})
+      request(:put, path, body, headers)
+    end
+
+    # Make a regular DELETE request using AccessToken
+    #
+    #   @response = @token.delete('/people/123')
+    #   @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
+    #
+    def delete(path, headers = {})
+      request(:delete, path, headers)
+    end
+  end
+end

data/lib/oauth/tokens/consumer_token.rb

@@ -0,0 +1,33 @@
+module OAuth
+  # Superclass for tokens used by OAuth Clients
+  class ConsumerToken < Token
+    attr_accessor :consumer, :params
+    attr_reader   :response
+
+    def self.from_hash(consumer, hash)
+      token = self.new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
+      token.params = hash
+      token
+    end
+
+    def initialize(consumer, token="", secret="")
+      super(token, secret)
+      @consumer = consumer
+      @params   = {}
+    end
+
+    # Make a signed request using given http_method to the path
+    #
+    #   @token.request(:get,  '/people')
+    #   @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
+    #
+    def request(http_method, path, *arguments)
+      @response = consumer.request(http_method, path, self, {}, *arguments)
+    end
+
+    # Sign a request generated elsewhere using Net:HTTP::Post.new or friends
+    def sign!(request, options = {})
+      consumer.sign!(request, self, options)
+    end
+  end
+end

data/lib/oauth/tokens/request_token.rb

@@ -0,0 +1,32 @@
+module OAuth
+  # The RequestToken is used for the initial Request.
+  # This is normally created by the Consumer object.
+  class RequestToken < ConsumerToken
+
+    # Generate an authorization URL for user authorization
+    def authorize_url(params = nil)
+      params = (params || {}).merge(:oauth_token => self.token)
+      build_authorize_url(consumer.authorize_url, params)
+    end
+
+    def callback_confirmed?
+      params[:oauth_callback_confirmed] == "true"
+    end
+
+    # exchange for AccessToken on server
+    def get_access_token(options = {}, *arguments)
+      response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options, *arguments)
+      OAuth::AccessToken.from_hash(consumer, response)
+    end
+
+  protected
+
+    # construct an authorization url
+    def build_authorize_url(base_url, params)
+      uri = URI.parse(base_url.to_s)
+      # TODO doesn't handle array values correctly
+      uri.query = params.map { |k,v| [k, CGI.escape(v)] * "=" } * "&"
+      uri.to_s
+    end
+  end
+end

data/lib/oauth/tokens/server_token.rb

@@ -0,0 +1,9 @@
+module OAuth
+  # Used on the server for generating tokens
+  class ServerToken < Token
+
+    def initialize
+      super(generate_key(16), generate_key)
+    end
+  end
+end

data/lib/oauth/tokens/token.rb

@@ -0,0 +1,17 @@
+module OAuth
+  # Superclass for the various tokens used by OAuth
+  class Token
+    include OAuth::Helper
+
+    attr_accessor :token, :secret
+
+    def initialize(token, secret)
+      @token = token
+      @secret = secret
+    end
+
+    def to_query
+      "oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
+    end
+  end
+end

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth #:nodoc:
-  VERSION = '0.3.1'
+  VERSION = '0.3.5'
 end

data/oauth.gemspec

@@ -2,17 +2,17 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth}
-  s.version = "0.3.1"
+  s.version = "0.3.5"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
-  s.date = %q{2009-01-26}
+  s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons", "Matt Sanford"]
+  s.date = %q{2009-06-03}
   s.default_executable = %q{oauth}
   s.description = %q{OAuth Core Ruby implementation}
-  s.email = %q{pelleb@gmail.com}
+  s.email = %q{oauth-ruby@googlegroups.com}
   s.executables = ["oauth"]
-  s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "specs.txt", "website/index.txt"]
-  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "lib/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "specs.txt", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
+  s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
+  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
   s.has_rdoc = true
   s.homepage = %q{http://oauth.rubyforge.org}
   s.rdoc_options = ["--main", "README.rdoc"]
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
   s.rubyforge_project = %q{oauth}
   s.rubygems_version = %q{1.3.1}
   s.summary = %q{OAuth Core Ruby implementation}
-  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
+  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
@@ -29,15 +29,21 @@ Gem::Specification.new do |s|
     if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<ruby-hmac>, [">= 0.3.1"])
       s.add_development_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_development_dependency(%q<actionpack>, [">= 0"])
+      s.add_development_dependency(%q<rack>, [">= 0"])
       s.add_development_dependency(%q<hoe>, [">= 1.8.0"])
     else
       s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
       s.add_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_dependency(%q<actionpack>, [">= 0"])
+      s.add_dependency(%q<rack>, [">= 0"])
       s.add_dependency(%q<hoe>, [">= 1.8.0"])
     end
   else
     s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
     s.add_dependency(%q<newgem>, [">= 1.2.3"])
+    s.add_dependency(%q<actionpack>, [">= 0"])
+    s.add_dependency(%q<rack>, [">= 0"])
     s.add_dependency(%q<hoe>, [">= 1.8.0"])
   end
 end

data/test/cases/spec/1_0-final/test_construct_request_url.rb

@@ -40,7 +40,7 @@ class ConstructRequestUrlTest < OAuthCase
     assert_request_url("https://example.com/resource","HTTPS://Example.com:443/resource?id=123")
   end
 
-  def test_of_normalized_http
+  def test_of_normalized_https
     assert_request_url("https://example.com/resource","https://example.com/resource")
   end
   

data/test/test_access_token.rb

@@ -0,0 +1,28 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/token'
+require 'oauth/consumer'
+
+class TestAccessToken < Test::Unit::TestCase
+  def setup
+    @fake_response = {
+      :user_id => 5734758743895,
+      :oauth_token => "key",
+      :oauth_token_secret => "secret"
+    }
+    # setup a fake req. token. mocking Consumer would be more appropriate...
+    @access_token = OAuth::AccessToken.from_hash(
+      OAuth::Consumer.new("key", "secret", {}),
+      @fake_response
+    )
+  end
+
+  def test_provides_response_parameters
+    assert @access_token
+    assert_respond_to @access_token, :params
+  end
+
+  def test_access_token_makes_non_oauth_response_params_available
+    assert_not_nil @access_token.params[:user_id]
+    assert_equal 5734758743895, @access_token.params[:user_id]
+  end
+end

data/test/test_action_controller_request_proxy.rb

@@ -5,24 +5,123 @@ require 'action_controller/test_process'
 
 class ActionControllerRequestProxyTest < Test::Unit::TestCase
 
-  def request_proxy(parameters={})
-    request = ActionController::TestRequest.new({}, parameters)
+  def request_proxy(request_method = :get, uri_params = {}, body_params = {})
+    request = ActionController::TestRequest.new
+
+    case request_method
+    when :post
+      request.env['REQUEST_METHOD'] = 'POST'
+    when :put
+      request.env['REQUEST_METHOD'] = 'PUT'
+    end
+
+    request.env['RAW_POST_DATA'] = body_params.to_query
     request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
+
     yield request if block_given?
-    OAuth::RequestProxy.proxy(request)
+    OAuth::RequestProxy.proxy(request, :parameters=>uri_params)
+  end
+
+  def test_that_proxy_simple_get_request_works_with_query_params
+    request_proxy = request_proxy(:get, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_query_params
+    request_proxy = request_proxy(:post, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_query_params
+    request_proxy = request_proxy(:put, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_post_params
+    request_proxy = request_proxy(:get, {}, {'key'=>'value'})
+
+    expected_parameters = []
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
   end
- 
+
+  def test_that_proxy_simple_post_request_works_with_post_params
+    request_proxy = request_proxy(:post, {}, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_post_params
+    request_proxy = request_proxy(:put, {}, {'key'=>'value'})
+
+    expected_parameters = []
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_mixed_params
+    request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_mixed_params
+    request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"],["key2", "value2"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_mixed_params
+    request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
+  end
+
   def test_parameter_keys_should_preserve_brackets_from_hash
     assert_equal(
       [["message[body]", "This is a test"]],
-      request_proxy({ :message => { :body => 'This is a test' }}).parameters_for_signature
+      request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
+    )
+  end
+
+  def test_parameter_values_with_amps_should_not_break_parameter_parsing
+    assert_equal(
+      [['message[body]', 'http://foo.com/?a=b&c=d']],
+      request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
     )
   end
 
   def test_parameter_keys_should_preserve_brackets_from_array
     assert_equal(
       [["foo[]", "123"], ["foo[]", "456"]],
-      request_proxy({ :foo => [123, 456] }).parameters_for_signature.sort
+      request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
+    )
+  end
+
+  def test_query_string_parameter_values_should_be_cgi_unescaped
+    request = request_proxy do |r|
+      r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'
+    end
+    assert_equal(
+      [['url', 'http://foo.com/?a=b&c=d']],
+      request.parameters_for_signature.sort
     )
   end
 end

data/test/test_consumer.rb

@@ -1,7 +1,7 @@
-require 'rubygems'
-require 'test/unit'
+require File.dirname(__FILE__) + '/test_helper'
 require 'oauth/consumer'
 require 'oauth/signature/rsa/sha1'
+require 'stringio'
 
 
 # This performs testing against Andy Smith's test server http://term.ie/oauth/example/
@@ -13,6 +13,7 @@ class ConsumerTest < Test::Unit::TestCase
         'consumer_key_86cad9', '5888bf0345e5d237',
         {
         :site=>"http://blabla.bla",
+        :proxy=>"http://user:password@proxy.bla:8080",
         :request_token_path=>"/oauth/example/request_token.php",
         :access_token_path=>"/oauth/example/access_token.php",
         :authorize_path=>"/oauth/example/authorize.php",
@@ -31,6 +32,7 @@ class ConsumerTest < Test::Unit::TestCase
     assert_equal "consumer_key_86cad9",@consumer.key
     assert_equal "5888bf0345e5d237",@consumer.secret
     assert_equal "http://blabla.bla",@consumer.site
+    assert_equal "http://user:password@proxy.bla:8080",@consumer.proxy
     assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
     assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
     assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
@@ -50,6 +52,7 @@ class ConsumerTest < Test::Unit::TestCase
     assert_equal "key",@consumer.key
     assert_equal "secret",@consumer.secret
     assert_equal "http://twitter.com",@consumer.site
+    assert_nil    @consumer.proxy
     assert_equal "/oauth/request_token",@consumer.request_token_path
     assert_equal "/oauth/access_token",@consumer.access_token_path
     assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
@@ -144,7 +147,7 @@ class ConsumerTest < Test::Unit::TestCase
 
     assert_equal 'POST', request.method
     assert_equal '/test', request.path
-    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=iMZaUTbQof%2fHMFyIde%2bOIkhW5is%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
     assert_equal nil, request['authorization']
   end
 
@@ -164,7 +167,7 @@ class ConsumerTest < Test::Unit::TestCase
     assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
   end
 
-  def test_that_signing_post_params_works
+  def test_that_signing_post_params_works_2
     request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
 
     assert_equal 'POST', request.method
@@ -319,10 +322,43 @@ class ConsumerTest < Test::Unit::TestCase
       debug)
   end
 
+  def test_post_with_body_stream
+    @consumer=OAuth::Consumer.new( 
+        "key",
+        "secret",
+        {
+        :site=>"http://term.ie",
+        :request_token_path=>"/oauth/example/request_token.php",
+        :access_token_path=>"/oauth/example/access_token.php",
+        :authorize_path=>"/oauth/example/authorize.php"
+        })
+    
+    
+    @request_token=@consumer.get_request_token
+    @access_token=@request_token.get_access_token
+
+    request_body_string = "Hello, hello, hello"
+    request_body_stream = StringIO.new( request_body_string )
+
+    @response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
+    assert_not_nil @response
+    assert_equal "200",@response.code
+
+    request_body_file = File.open(__FILE__)
+
+    @response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
+    assert_not_nil @response
+    assert_equal "200",@response.code
+
+    # unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
+    # echos back any non-oauth parameters but not the body.  However, this does test that the request is still correctly signed 
+    # (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
+    # request & respond until the full body length is received.
+  end
+
   protected
 
   def request_parameters_to_s
     @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
   end
-  
 end